Below is the JtR command from our Live Cyber Attack Webinar. In this scenario, our hacker used kerberoast to steal a Kerberos ticket granting ticket(TGT) containing the hash to be cracked, which was saved in a file called ticket.txt. In our case, the wordlist used is the classic rockyou password file from Kali Linux, and the command was set to report progress every 3 seconds.
fcrackzip is the software preinstalled in kali linuix and backtracks which is used for cracking password by bruteforce attack . I have created a test zip file name 100.zip with a password of admin for this demonstration purpose .Go switch to your linux terminal with your zip file and type in the command
Another note about zip cracking is that if you have an unencrypted/uncompressed copy of any one of the files that is compressed in the encrypted zip, you can perform a \"plaintext attack\" and crack the zip, as detailed here, and explained in this paper. The newer scheme for password-protecting zip files (with AES-256, rather than \"ZipCrypto\") does not have this weakness. 153554b96e